<!DOCTYPE html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>
<script src="/bluetooth/resources/bluetooth-test.js"></script>
<script src="/bluetooth/resources/bluetooth-fake-devices.js"></script>
<script>
'use strict';
const test_desc = 'Blocklisted UUID in optionalServices is removed and ' +
    'access not granted.';
const expected = new DOMException(
    'Origin is not allowed to access the ' +
        'service. Tip: Add the service UUID to \'optionalServices\' in ' +
        'requestDevice() options. https://goo.gl/HxfxSQ',
    'SecurityError');
let device, fake_peripheral;

bluetooth_test(
    () => getDiscoveredHealthThermometerDevice({
            filters: [{services: ['health_thermometer']}],
            optionalServices: ['human_interface_device']
          })
              .then(_ => ({device, fake_peripheral} = _))
              .then(
                  () => fake_peripheral.setNextGATTConnectionResponse(
                      {code: HCI_SUCCESS}))
              .then(() => device.gatt.connect())
              .then(() => Promise.all([
                assert_promise_rejects_with_message(
                    device.gatt.getPrimaryService('human_interface_device'),
                    expected, 'Blocklisted service not accessible.'),
                assert_promise_rejects_with_message(
                    device.gatt.getPrimaryServices('human_interface_device'),
                    expected, 'Blocklisted services not accessible.')
              ])),
    test_desc);
</script>
